How do I check my Azure Machine Learning Compute Instance runtime version? To determine your runtime version, make a GET compute rest API call for your compute instance, then check the response. You can find the runtime version from field *versions.runtime. * Please view additional details here: https://learn.microsoft.com/en-us/rest/api/azureml/2023-04-01/compute/get How do I update my Azure Machine Learning Compute Instance runtime version? Please reference the guidance provided here: https://learn.microsoft.com/en-us/rest/api/azureml/2023-04-01/compute/update What type of information could be disclosed by this vulnerability? An attacker that successfully exploited this vulnerability could recover any data that is put in the system logs on the Compute Instance including cleartext passwords. According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? An attacker must be authenticated and have read privileges to the logs which may contain sensitive information such as cleartext passwords. It does not require admin or other elevated privileges.
Nitesh Surana (@_niteshsurana) of Project Nebula <a href="https://www.zerodayinitiative.com/">Trend Micro Zero Day Initiative</a>